SEC Publishes Industry Alert on Cybersecurity

SEC Privacy/Cyber Risk & Data Security

On February 3, the SEC released a set of publications – a Risk Alert and an Investor Bulletin – assessing the level of cybersecurity at broker-dealers and advisory firms and highlighting best practices that allow investors to help protect their online accounts. The Risk Alert contains observations based on examinations of more than 100 broker-dealers and investment advisers. The examinations focused on how the firms (i) identify cybersecurity risks; (ii) establish cybersecurity policies, procedures, and oversight processes; (iii) protect their networks and information; (iv) identify and address risks associated with remote access to client information, funds transfer requests, and third-party vendors; and (v) detect unauthorized activity.